Merge pull request #2320 from automatisch/remove-folders

feat: Implement folder removal API endpoint
2025-01-30 11:33:24 +01:00
parent 5007b403f0 567299d62a
commit c18252510c
4 changed files with 84 additions and 0 deletions
--- a/packages/backend/src/controllers/api/v1/folders/delete-folder.js
+++ b/packages/backend/src/controllers/api/v1/folders/delete-folder.js
@@ -0,0 +1,10 @@
+export default async (request, response) => {
+  const folder = await request.currentUser
+    .$relatedQuery('folders')
+    .findById(request.params.folderId)
+    .throwIfNotFound();
+
+  await folder.$query().delete();
+
+  response.status(204).end();
+};
--- a/packages/backend/src/controllers/api/v1/folders/delete-folder.test.js
+++ b/packages/backend/src/controllers/api/v1/folders/delete-folder.test.js
@@ -0,0 +1,62 @@
+import { describe, it, beforeEach } from 'vitest';
+import request from 'supertest';
+import Crypto from 'crypto';
+import app from '../../../../app.js';
+import createAuthTokenByUserId from '../../../../helpers/create-auth-token-by-user-id.js';
+import { createUser } from '../../../../../test/factories/user.js';
+import { createFolder } from '../../../../../test/factories/folder.js';
+import { createPermission } from '../../../../../test/factories/permission.js';
+
+describe('DELETE /api/v1/folders/:folderId', () => {
+  let currentUser, currentUserRole, token;
+
+  beforeEach(async () => {
+    currentUser = await createUser();
+    currentUserRole = await currentUser.$relatedQuery('role');
+
+    token = await createAuthTokenByUserId(currentUser.id);
+  });
+
+  it('should remove the current user folder and return no content', async () => {
+    const currentUserFolder = await createFolder({ userId: currentUser.id });
+
+    await createPermission({
+      action: 'create',
+      subject: 'Flow',
+      roleId: currentUserRole.id,
+    });
+
+    await request(app)
+      .delete(`/api/v1/folders/${currentUserFolder.id}`)
+      .set('Authorization', token)
+      .expect(204);
+  });
+
+  it('should return not found response for not existing folder UUID', async () => {
+    await createPermission({
+      action: 'create',
+      subject: 'Flow',
+      roleId: currentUserRole.id,
+    });
+
+    const notExistingFolderUUID = Crypto.randomUUID();
+
+    await request(app)
+      .delete(`/api/v1/folders/${notExistingFolderUUID}`)
+      .set('Authorization', token)
+      .expect(404);
+  });
+
+  it('should return bad request response for invalid UUID', async () => {
+    await createPermission({
+      action: 'create',
+      subject: 'Flow',
+      roleId: currentUserRole.id,
+    });
+
+    await request(app)
+      .delete('/api/v1/folders/invalidFolderUUID')
+      .set('Authorization', token)
+      .expect(400);
+  });
+});
--- a/packages/backend/src/helpers/authorization.js
+++ b/packages/backend/src/helpers/authorization.js
@@ -141,6 +141,10 @@ const authorizationList = {
    action: 'create',
    subject: 'Flow',
  },
+  'DELETE /api/v1/folders/:folderId': {
+    action: 'create',
+    subject: 'Flow',
+  },
 };

 export const authorizeUser = async (request, response, next) => {
--- a/packages/backend/src/routes/api/v1/folders.js
+++ b/packages/backend/src/routes/api/v1/folders.js
@@ -3,10 +3,18 @@ import { authenticateUser } from '../../../helpers/authentication.js';
 import { authorizeUser } from '../../../helpers/authorization.js';
 import createFolderAction from '../../../controllers/api/v1/folders/create-folder.js';
 import updateFolderAction from '../../../controllers/api/v1/folders/update-folder.js';
+import deleteFolderAction from '../../../controllers/api/v1/folders/delete-folder.js';

 const router = Router();

 router.post('/', authenticateUser, authorizeUser, createFolderAction);
 router.patch('/:folderId', authenticateUser, authorizeUser, updateFolderAction);

+router.delete(
+  '/:folderId',
+  authenticateUser,
+  authorizeUser,
+  deleteFolderAction
+);
+
 export default router;